In the following discussion, the term ‘secured area’ is used generically to refer to any type of physical or virtual facility having privileged access, such as the rooms of a secure facility, or information on a computer, or functions of a computer, or the privilege to perform financial transactions. The term ‘user’ is used to refer to a person attempting to access a secured area.
The purpose of an access control system is to determine if a person attempting to enter a secured area is authorized to do so. There are three basic elements to validating access privileges, which can be simply summarized as “who you are”, “what you know”, and “what you have”. Each of these elements has strengths and weaknesses. Therefore, a given access control system might use one or more of these elements, with the most secure systems requiring all three.
Access control systems that validate “who you are” most commonly require a person (such as a security guard) to verify the identity of the user. Alternatively this can be automated using biometric validation methods such as fingerprint matching, face recognition, or iris scans. The “who you are” element of security is typically the hardest to automate reliably. However “who you are” is not transferable to other individuals, in contrast to the other two elements of validating access which are easily transferred, and so more easily compromised.
Access control systems that validate “what you know” require that the user recall a password or PIN number (personal identification number). A common method to provide this information would be through a keypad attached to the access control system. This is the most common method of access control for computer usage, where the user is required to enter a username and password to gain access to the computers information and programs. This is the easiest security element to grant to a user because it does not require creating any physical entity like a key.
Access control systems that validate “what you have” require that the person carry an identity badge or access key. A conventional door lock uses this method. Magnetic card readers and radio frequency tags are other examples of access control based on “what you have”. An advantage of a key entry method is that a completely mechanical solution is possible, which is ideal where electrical power is not available. A key or card is easy to transfer from one person to another.
Access control systems requiring “what you know” and “what you have” are very common. For example automated teller machines (ATMs) require that the user swipe a debit card through a magnetic card reader and also provide a PIN number. Another example is electronically locked doors leading to secure areas in airports, which often have a card reader and a keypad for entering an access code. Such systems make it very difficult for lost or stolen cards to be used to access the system.
A common problem with any automated access control system is known as ‘piggy backing’. This is where one user allows several others to gain access to the secure area without requiring them to validate their authority to do so. For example, an employee may swipe their card through a reader to unlock a door and then allow several others through at the same time. In organizations with a large number of employees, it is therefore fairly easy for someone to appear as a legitimate employee and gain access to a secure area through ‘piggy backing’ into the area. The alternative of having a security guard at each access point is costly and not a very good utilization of the security guard's time. A security camera located at the door can act as a deterrent to ‘piggy backing’, but must be monitored by a security guard to be effective.
One system that attempts to address this issue is described in U.S. Pat. No. 4,581,634 issued to Williams. Williams describes a two-piece system that uses a conventional badge-reading system in combination with a camera for viewing the badge holder's face. However, the Williams apparatus requires two cameras to operate, one to read the badge and one to capture the badge holder's face. The two-camera design requires additional equipment expenses, as well as additional processing and bandwidth overhead. Also, the Williams apparatus is directed to photographic identification badges, which are at a greater risk of forgery than bar codes or symbol badges that link to an information database. Lastly, the Williams apparatus is designed to be controlled by an operator, and automating the apparatus would expose it to a security breach due to the forgery possibilities described above.
A further disadvantage of systems such as magnetic card readers and the Williams apparatus is that they require physical contact with the card and so require periodic maintenance to function reliably. They are also subject to tampering and vandalism.
U.S. Pat. No. 5,682,030 issued to Kubon describes a method and apparatus for decoding bar codes from an analog video signal. Kubon is directed to replacing traditional bar code scanners with video cameras to allow for bar code scanning at a greater distance. Kubon is limited by requiring a digitizer to handle analog signals and also by requiring a minimum 25% of the visible area to be covered by the bar code.
U.S. Patent Application Publication 2002/0003575, applied for by Marchese, describes a digital video system using networked cameras. Marchese describes a method of capturing and storing video streams from cameras on the network into single files, with indexing to search for individual images. The design allows for the individual computers on the network to access the stored images and monitor the cameras. The only security measure provided in the Marchese system is motion detection based on color component value comparisons from different images. While this type of motion detection is commonly used, it is inefficient and unwieldy for security purposes in areas that require regular access from security-cleared personnel.
The object of the present invention is to mitigate the above drawbacks by integrating the functionality of all three identity validation methods mentioned above through a security camera that is used to also read identity badges. A computer network associated with one or more cameras facilitates badge recognition, user validation, centralized management, and control of the access control system.